,  AO  -  A 1 22  54  1  REAL-TIME  SYNCHRONISATION  OF  INTERPROCESS 

C OMMUN I  CATIONS (U)  HARVARD  UNIV  CAMBRIDGE  MA  AIKEN 
COMPUTATION  LAB  J  H  RE  I F  ET  AL .  JUN  82  TR-25-82 
UNCLASSIFIED  N00014-80-C-0674  F/G  9/2  . 


1/1 


\ 


REAL-TIME  SYNCHRONIZATION 
OF 

INTERPROCESS  COMMUNICATIONS 
by 

John  H.  Reif 
and 

Paul  G.  Spirakis 
TR- 25-82 


SECURITY  Cl  ASSlF  ICATlOH  OF  TmiS  «**r.r  rHA*.i  rta'a  Fntnr't) 


|  REPORT  DOCUMENT ATIOH  PAGE 

READ  INSTRUCTIONS 
nEFORE  COMPI.F.TINC,  FORM 

1.  REPORT  number 

Z  GOVT  ACCESSION  NO. 

/j  ,£>-  ^  fT*// 

1.  RECIPIENT'S  catalog  NUMBER 

. 

4  TiTLC  (ond  SvbtltU) 

Real-Time  Synchronization  of  Interprocess 

S.  TYPE  OF  REPORT  4  PERIOD  COVE M CD 

Technical  Report 

2.  PERFORMING  ORG.  REPORT  NUMBER 

TR-25-82 

T.  AUTHOR!  *J 

John  Reif 

Paul  Spirakis 

*.  CONTRACT  OR  GRANT  NUMBER!*/ 

N00014-80-C-0674 

t.  PERFORMING  ORGANIZATION  N  AMI  AND  ADDRESS 

Harvard  University  y\ 

Cambridge,  flA  02138  . ,  V  J  r  t  ,, 

_  _ Cii  Le-Xr  ■ _ 

to.  program  clement. project,  task 

AREA  A  WORK  UNIT  NUMBERS 

H.  CONTROLLING  OFFICE  NAME  AND  ADDRESS 

Office  of  Naval  Research 

12.  REPORT  DATE 

June  1982 

800  North  Quincy  Street 
Arlington,  VA  22217 

IS.  NUMBER  OF  PAGES 

43 

k«.  MONITORING  AGENCY  NAME  A  AOORCSSfll  dltlsrant  ttom  Controlling  Oltlca) 

same  as  above 

is.  security  class,  (at  thia  ,*p«n; 

IS*.  DCCL  ASSIFiCATIOn/OOWNGR  AGING 

schedule 

1*.  DISTRIBUTION  STATEMENT  (ol  thl*  kaporl) 

unlimited 

i  ' 

, 

*“  ;y," 

-■  .  .  J 

’t  j 

“ 

17.  DISTRIBUTION  ST  ATEMEN  T  (ol  tha  abstract  antarad  In  PI  net  30.  II  dlllaranl  from  Raport) 

unlimited 

»«.  SUPrLeMEN  tary  notes 

•S.  KEY  WOROS  (ContMu*  on  r«v#ri«  •  id*  1/  n#c*»»«ry  mid  Identify  by  bt ocA  nunfe*r) 

distributed  communication,  handshake,  synchronization,  real  time  response. 

1 20.  ABSTRACT  (Conflnuo  on  fvoroo  »tdm  Identify  by  block  numbof) 

see  reverse  side. 

DO  ,:S»  1473  EDITION  OF  I  NOV  6*  IS  OBSOLETE 
S/N  0  101-0  14- 6631  | 


security  classification  of  this  page  <*>>*>  B*n  R«i»r*v> 


-tuuHlTv  CL  AiStFtCAl  ION  OF  THIS  P*OE'»lun  J>»i*  Eni*r»d) 


SUMMARY 

This  paper  considers  a  fixed  (i>ossibly  infinite)  set  of  distributed 
asynchronous  processes  which  at  various  times  are  willing  to  communicate 
with  each  other. 

Each  process  has  various  ports,  each  of  which  is  used  for  communication 
with  a  distinct  neighbour  process.  Each  process  can  have  at  most  one  port 
open  at  any  time  and  its  other  ports  must  be  closed.  Two  processes  handshake 
over  a  time  interval  A  if  their  respective  ports  are  open  for  mutual 
communication  during  this  interval.  Note  that  the  handshake  relation  is  a 
matching.  Successful  communication  requires  a  handshake  of  at  least  1  step 
of  each  process;  during  the  one  step  overlap,  a  message  can  be  transmitted 
between  processes.  The  problem  is  to  synchronize  processes  (via  a  distributed 
scheduler)  so  that  they  can  successfully  handshake  at  their  will,  given  that 
the  means  of  synchronization  is  some  low  level  construct  which  docs  not 
guarantee  the  handshake  property  if  used  in  an  unsophisticated  way. 

We  describe  probabilistic  distributed  algorithms  for  synchronizing 
processes  so  that  they  can  handshake  at  will.  The  means  of  synchronization 
are  boolean  "flag"  variables,  each  of  which  can  be  written  by  only  one 
process  and  read  by  at  most  one  other  process.  The  use  of  flag  variables 
seems  as  to  require  the  fewest  assumptions  possible  without  considering 
specific  systems.!  A  process  is  considered  to  be  tame  over  a  time  interval  A 
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if  its  speed  varies  within  certain  arbitrarily  fixed  nonzero  bounds. 

We  show  our  synchronization  algoritlims  have  I’eai  time  response: 

If  a  pair  of  processes  are  mutually  willing  to  communicate  within  a 
time  interval  A  of  length  at  least  a  given  constant  and  the  pair  are  tame 
on  A,  then  they  establish  communication  within  A  with  high  likelihood  (for 
the  worst  case  behavior  of  the  system  and  the  expected  time  for  establishment 
of  communication  is  also  constant.  We  feel  the  term  real  tin:  is  merited, 
for  the  actual  time  needed  for  establishment  of  communication  is  upper 
bounded  by  a  constant  with  overwhelming  probability;  furthermore,  violations 
of  this  property  occur  with  vanishingly  low  likelihood. 

We  have  very  few  assumptions:  (1)  Tameness  is  required  of  a  process 
only  during  the  interval  it  is  willing  to  communicate  (if  the  tameness 
property  is  violated  during  that  interval,  then  there  may  be  lower  probability 
of  successful  communication) ;  at  other  times  any  process  may  dynamically  vary 
its  speed  arbitrarily  and  may  even  die.  (2)  The  processes  may  be  willing  to 
communicate  with  a  time  varying  set  of  processes  which  are  only  bounded  in 
number.  There  are  no  probability  assumptions  about  system  behavior. 

Our  communication  model  and  synchronization  algorithms  are  quite  robust. 
They  are  applied,  in  (Reif,  Spirakis,  H2B )  and  in  our  Appendix,  to  solve  a 
large  class  of  real  time  resource  allocation  problems,  as  well  as  real  time 
implementation  of  the  synchronization  primitives  of  Hoare's  multiprocessing 


language  CSP. 
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SUMMARY 


This  paper  considers  a  fixed  (possibly  infinite)  set  of  distributed 
asynchronous  processes  which  at  various  tines  are  willing  to  communicate 
with  each  other. 

Each  process  has  various  ports,  each  of  which  is  used  for  communication 
with  a  distinct  neighbour  process.  Each  process  can  have  at  most  one  port 
open  at  any  time  and  its  other  ports  must  be  closed.  Two  processes  'nandskak s 
over  a  time  interval  A  if  their  respective  ports  are  open  for  mutual 
communication  during  this  interval.  Note  that  the  handshake  relation  is  a 
matching.  Successful  communication  requires  a  handshake  of  at  least  1  step 
of  each  process;  during  the  one  step  overlap,  a  message  can  be  transmitted 
between  processes.  The  problem  is  to  synchronize  processes  (via  a  distributed 
scheduler)  so  that  they  can  successfully  handshake  at  their  will,  given  that 
the  means  of  synchronization  is  some  low  level  construct  which  does  not 
guarantee  the  handshake  property  if  used  in  an  unsophisticated  way. 

We  describe  probabilistic  distributed  algorithms  for  synchronizing 
processes  so  that  they  can  handshake  at  will.  The  means  of  synchronization 
are  boolean  "flag"  variables,  each  of  which  can  be  written  by  only  one 
process  and  read  by  at  most  one  other  process.  The  use  of  flag  variables 
seems  as  to  require  the  fewest  assumptions  possible  without  considering 
specific  systems .•}•  A  process  is  considered  to  be  tame  over  a  time  interval  L 


t  Note  that  we  do  not  use  any  standard  high  level  synchronization 
construct  such  as  shared  variables  with  a  mutual  exclusion  mechanism.  If  we 
did,  then  we  would  have  to  assume  an  implementation  of  such  a  mechanism  and 
there  are  no  real  time  implementations  of  such  mechanisms  (in  fact,  there  is 
no  bounded  time  implementation  of  such  mechanisms  when  processes  run  on 
different  processors) .  We  hope  in  the  future  that  our  techniques  rather  than 
other  "standard"  but  inefficient  synchronization  mechanisms  will  be  utilized 
for  real  time  process  synchronization. 


if  its  speed  varies  within  certain  arbitrarily  fixed  nonzero  bounds. 

We  show  our  synchronization  algorithms  have  real  tine  response : 

If  a  pair  of  processes  are  mutually  willing  to  communicate  within  a 
time  interval  A  of  length  at  least  a  given  constant  and  the  pair  are  tame 
on  A,  then  they  establish  communication  within  A  with  high  likelihood  (for 
the  worst  case  behavior  of  the  system  and  the  expected  time  for  establishment 
of  communication  is  also  constant.  We  feel  the  term  real  time  is  merited, 
for  the  actual  time  needed  for  establishment  of  communication  is  upper 
bounded  by  a  constant  with  overwhelming  probability;  furthermore,  violations 
of  this  property  occur  with  vanishingly  low  likelihood. 

We  have  very  few  assumptions:  (1)  Tameness  is  required  of  a  process 
only  during  the  interval  it  is  willing  to  communicate  (if  the  tameness 
property  is  violated  during  that  interval,  then  there  may  be  lower  probability 
of  successful  communication) ;  at  other  times  any  process  may  dynamically  vary 
its  speed  arbitrarily  and  may  even  die.  (2)  The  processes  may  be  willing  to 
communicate  with  a  time  varying  set  of  processes  which  are  only  bounded  in 
number.  There  are  no  probability  assumptions  about  system  behavior. 

Our  communication  model  and  synchronization  algorithms  are  quite  robust. 
They  are  applied,  in  [Reif,  Spirakis,  82B]  and  in  our  Appendix,  to  solve  a 
large  class  of  real  time  resource  allocation  problems,  as  well  as  real  time 
implementation  ox  the  synchronization  primitives  of  Hoare's  multiprocessing 


language  CSP. 
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1 .  INTRODUCTION 

Recently,  [Rabin,  80]  [Lehman  and  Rabin,  81],  and  [Francez  and  Roden, 

80]  have  proposed  probabilistic  algorithms  for  a  number  of  synchronization 
problems.  This  probabilistic  approach  (where  we  make  no  probabilistic 
assumptions  about  the  system  behavior,  but  allow  our  algorithms  to  make 
probabilistic  choices)  leads  to  considerably  simpler  algorithms  (perhaps 
because  of  the  locality  of  their  decisions)  and  shorter  proofs  (perhaps 
because  the  proofs  of  the  corresponding  deterministic  algorithms  had  to 
consider  complex  situations  which  would  have  very  low  probability,  if 
probabilistic  choices  were  taken,  whereas,  in  proofs  of  probabilistic 
algorithms,  we  need  only  consider  those  simple  situations  which  occur  with 
high  probability) .  The  probabilistic  approach  may  also  lead  to  improvement 
in  the  efficiency  of  synchronization  algorithms.  An  improvement  in  space 
efficiency  is  seen  in  [Rabin,  80].  We  demonstrate  here  that  a  considerable 
improvement  in  time  efficiency  can  be  made  by  probabilistic  synchronization. 

This  paper  takes  the  probabilistic  approach  to  synchronization  of 
communication  in  a  nePoork  of  distributed,  asynchronous  processes.  We  are 
interested  in  direct  interprocess  communication,  rather  than  packet  switching 
as  considered  in  [Valiant,  80 ] .  Furthermore,  we  consider  handshake  communica¬ 
tion  (as  in  Hoare's  CSP) ,  rather  than  buffered  communication  (which  is  very 
easy  to  implement  by  message  queues). 

Previously  [Schwarz,  80]  proposed  a  deterministic  synchronization 
algorithm  for  implementing  CSP  [Hoare,  78]  on  a  fixed  acyclic  distributed 
network.  Also  [Lynch,  80]  gave  a  related  algorithm  for  resource  synchroniza¬ 
tion  problems.  Both  algorithms  are  considerably  less  time  efficient  than  our 
proposed  algorithm  (for  specific  comparison  of  time  performance,  see 
Section  2.E) .  [Francez  and  Rodeh,  80]  also  propose  a  probabilistic  solution 


to  synchronization  of  communication,  but  make  no  consideration  of  the  time 


efficiency  of  their  solution. 

Our  paper  is  organized  as  follows:  We  present  in  Section  2  a  model  for 
distributed  communication  systems;  the  model  ignores  the  details  of  message 
transmission  but  gives  a  precise  combinatorial  specification  (by  time  varying 
graphs)  of  the  communication  synchronization  problem.  This  model  also  allows 
a  precise  definition  of  the  relevant  complexity  measures  of  synchronization 
algorithms,  such  as  response  time.  Section  3  presents  our  synchronization 
algorithms,  and  in  Section  4  we  prove  various  properties  of  the  synchronization 
algorithms  which  must  hold  with  certainty,  regardless  of  probabilistic  choice. 
Sections  5  and  6  give  a  probabilistic  analysis  of  the  performance  of  our 
algorithms.  We  have  taken  considerable  effort  in  the  design  of  our  synchroni¬ 
zation  algorithms  to  improve  their  expected  time  performance.  Nevertheless, 
our  algorithms  are  very  simple  in  conception  and  practice.  The  Appendix 
provides  a  real  time  implementation  of  CSP.  [Reif,  Spirakis,  82B]  presents 
a  further  application:  a  real  time  resource  granting  system.  We  feel  these 
applications  demonstrate  the  broad  applicability  of  our  synchronization 
algorithms. 
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2.0  OUR  MODEL  FOR  A  DISTRIBUTED  COMMUNICATION  SYSTEM  (DCS)  AND  ITS 
COMPLEXITY  MEASURES 

Let  be  a  fixed,  (possibly  infinite)  collection  of 

processes.  We  assume  a  (global)  time  t,  on  the  nonegative  real  line  [0,°-], 
whereby  events  of  the  system  are  totally  ordered.  The  processes  of  Z  are 
asynchronous ;  their  speeds  may  dynamically  vary  arbitrarily  over  time  and 
may  even  be  0.  (Thus,  we  allow  processes  to  die.)  The  processes  have  no 
access  to  any  global  clock  giving  the  time. 

We  assume  that  the  effect  of  a  read  or  write  is  instantaneous  and  that 
these  events  occur  at  distinct  time  instants,  so  there  are  never  any 
read/write  conflicts.  In  general,  a  stef  of  a  process  is  a  finite  time 
interval  L  in  which  a  single  instruction  is  instantaneously  executed  at 
the  last  moment  of  L. 

We  also  assume  a  global  oracle  <V  which  directs  the  willingness  of 
processes  to  communicate  with  each  other.  (Note  that,  in  applications  of 
our  distributed  communication  system  occurring  in  practice,  no  such  oracle 
exists,  but  instead  each  process  is  running  some  program  which  requires  f • om 
time  to  time  communication  with  other  processes.  An  implementation  of  the 
DCS  synchronizes  this  communication.  The  oracle  is  utilized  as  an 
artificial  device  for  specifying  worst  case  situations  of  our  system  where 
communications  are  required  by  to  be  made  at  times  most  difficult  for  our 
implementation. ) 

Intuitively,  each  process  i  wishes  at  various  times  to  communicate 
with  processes  in  n  —  { i }  -  All  communication  required  by  the  oracle  is 


implemented  by  i  rather  than  a  global  centralized  synchronization  mechanism. 
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Thus  system-wide  communication  is  implemented  by  a  distributed  scheduler, 
the  processes  of  0. 

The  formal  model  DCS  (for  .distributed  Communication  System)  described 
below,  has  been  designed  with  as  few  assumptions  as  possible  and  as  general 
as  possible.  We  are  not  concerned  with  the  values  of  the  messages  communi¬ 
cated  between  the  processes,  but  instead,  with  simply  the  establishment  of 
communication.  This  allows  us  to  avoid  any  message  system  dependent  assump¬ 
tions  which  may  vary  for  any  given  application. 

We  now  introduce  some  graphs  to  describe  precisely  the  DCS  model.  The 
graphs  allow  us  to  state  the  synchronization  problems  precisely  as  jombina- 
torial  problems  on  time  varying  graphs.  We  give  an  intuitive  description  of 
the  importance  of  these  graphs  as  they  are  defined. 

Let  the  connections  graph  h  =  (H  ,E)  be  a  (possibly  infinite)  undirected 
graph  with  vertex  set  II  and  undirected  edge  set  E  —  (H*H)  -  {(i,i)ji€ll; 

Then  { i , j }  €e  denotes  that  i€H  is  physically  able  to  communicate  with 
j€II  -  {i}  (See  Figure  1A) .  H  is  fixed  for  all  time  and  can  be  considered 
to  be  essentially  the  hardware  connections  between  processes  of  H.  We 
assume  H  has  finite  valence  (i.e.  only  a  finite  number  of  processes  are 
connected  to  any  given  process  i€il)  . 

For  each  time  t  >_  0,  the  willingness  digraph  =  (H,t)  is  a  possibly 
infinite  digraph  with  vertices  I!  and  directed  edges  given  by  relation 
— 11*11  (See  Figure  IB).  Then  i  -£  j  denotes  that  i  €ll  is  willing 
to  communicate  with  j  611  —  { i }  at  time  t.  In  that  sense  we  say  i  is  the 
source  and  j  is  the  target.  We  require  that  i  -*•  j  implies  {i,j}€E 
so  i  is  willing  to  communicate  only  with  processes  which  i  is  able  to 
communicate  with.  Also,  let  i  iff  both  i  j  and  j  ■*  i.  We  use 
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and  *-7^  to  denote  that  the  willingness  to  communicate  holds  over  time 
intervals.  For  each  time  interval  A  on  (0,®),  let  i  £  j  if  i  -*  j  for 

all  t£A  and  let  if  both  i  ?  j  and  j  -♦  i.  The  edges  of  G 

a  u  A  t 

departing  from  i€H  are  assumed  to  be  stored  locally  at  i  in  the  form  of 
a  variable  set  which,  at  time  t,  contains  the  names  of  the  targets  of  i. 

is  specified  by  the  oracle  and  read  only  by  i. 

In  the  following  we  assume  that  there  exists  a  given  fixed  integer 
constant  v  >  0  such  that  Vi£n,  Vt  0,  the  outdegree  of  i  in  Gt  (i.e., 
the  cardinality  of  {  j  |  i  — j } )  is  bounded  above  by  v. 

Assumption  Al  Two-way  communication  between  any  two  processes  i,jc“ 
requires  only  one  step  of  i  and  j.  {Thus,  i,j  are  assumed  to  communicate 
in  short  "bursts.") 


2. A  Implementation  of  a  DCS 

An  implementation  of  a  DCS  assigns  a  fixed  program  to  each  of  the 
processes  of  II.  The  implementation  is  Bumtetric  if  the  programs  are  indepen¬ 
dent  of  the  position  of  i  in  the  connections  graph  H. 

For  each  i,jeJl  such  that  {i,j}eE  we  have  a  communication  port  flag 

PORT.  .  (written  only  by  process  i)  which  is  1  at  time  t  >  0  if  i 

— 

has  opened  its  port  for  communication  with  j  at  t,  and  0  otherwise 

(indicating  the  communication  port  from  i  to  j  is  closed  at  t) .  We 

assume  2-way  communication  between  i,j  is  possible  at  any  time  that  both 

PORT.  .  and  PORT,  .  are  simultaneously  1,  but  we  make  no  particular 

j  j  *  * 

assumptions  (beyond  Al  and  A2  below)  about  this  communication. 

Let  i  j  denote  that  PORT.  =1  at  time  t.  For  each  t  >  0 

t  1  t  J 

our  implementation  defines  a  (possibly  infinite)  directed  graph  with 
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verticus  Fi  and  directed  edges  given  by  the  relation  — ►  c.  n*H.  Let 

i  i  if  both  i  — j  and  j  i .  if  i  j  then  we  say 

i  nas  opened  ccrmuni cation  with  j€il  —  { i }  at  t.  If  i  j  then  we 

say  i,j  achieve  mutual  conrrunicaiicn  at  time  t.  Also,  we  extend  the 
notation  to  intervals  A  on  (0,°^)  as  for  G^. 

Assumption  A2  If  i  j  and  not  i  -^-+  j,  t2  >  t^,  then  i  j 

1  2 

for  some  £€[t  ,t7),  where  L  contains  at  least  one  step  of  each  i  and  j 
i.e.  the  oracle,;/  can  withdraw  willingness  to  communicate  only  after 
communication  has  been  established  and  completed. 

An  implementation  is  r rarer  if  it  satisfies  the  following  restrictions: 

P.l  j  only  if  i  j 

R2  v-'”'  *  is  a  (partial)  matching;  if  it_v^'"^j  then  not 

iV'-yw  j'  for  any  j’eJMj;. 

v 

Note-  that  PI  implies  that  i  opens  communication  with  j  only  if 
i,j  are  simultaneously  willing  to  communicate.  R2  implies  that  i  does 
net  communicate  with  more  than  one  process  at  a  time. 

It  is  standard  in  the  study  of  combinatorial  algorithms  to  specify 
the  combinatorial  problem  before  giving  algorithms  for  the  solution.  We  have 
precisely  described  the  problem  of  determining  a  DCS  implementation  as  a 
combinatorial  problem  on  dynamic  graphs.  Later  we  shall  propose  two 
implementations  satisfying  both  these  restrictions.  Still  another  implemen- 
tac  on  is  described  in  [Reif,  SpiraXis,  81B) . 


-7- 


2.B.  Global  State  of  the  DCS 

For  each  t  ^  0,  let  R^  be  a  mapping  from  H  to  the  nonnegative 
reals  giving  the  speed  of  each  process  of  II  at  time  t.  We  assume  the 
speed  schedule  R  =  {Rfc|t  >_  0}  is  chosen  by  an  adverse  oracle  (possibly 
our  scheduler’s  worst  "enemy")  a  priori  (at  time  t  «  0.)  Also,  we  assume 
for  each  t  >_  0,  «V  chooses  for  the  processes  of  II  the  willingness  digraph 
Gt  at  time  t.  Thus,  may  vary  dynamically  in  time,  depending  on  the 

choices  of  the  oracle  However,  for  each  t  ^  0,  the  digraph  is 

defined  by  the  processes  of  II,  which  attempt  a  distributed  synchronization 
of  the  DCS,  depending  on  our  given  implementation.  In  addition,  we  allow  the 
processes  of  II  to  make  independent  probabilistic  choices. 

Let  L^,  the  luok  up  to  time  t,  to  be  the  probabilistic  choices  made 
by  the  processes  of  II,  up  to  time  t.  Then,  the  global  system  state  at 
time  t  is  given  by 

zt  =  <VVMt,Vt> 

and  the  global  history  up  to  time  t  is 

rt  =  ttt,|o<  Jt1  <  t} 

Thus,  we  have  a  probabilistic  multiplayer  game  of  incomplete  information, 
where  the  omnipotent  oracle  ,V  plays  against  the  team  of  processes  of  II 
which  have  only  incomplete  information  on  the  current  state  of  the  system. 

We  wish  measures  of  the  success  of  the  processes  of  II. 
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2.C.  Time  Complexity  of  a  DCS  Implementation 

A  process  step  consists  of  either  an  assignment  of  a  variable,  a  test, 

a  logical  or  arithmetic  operator,  or  a  no-op. 

Let  process  i  be  tame  on  an  interval  A,  if  for  any  interval 

A*  £  [0,»>.  if  A'  intersects  A  and  A’  is  a  single  step  of  process  i, 

then  IA’I  €  [r  .  ,r  ],  where  r  .  ,  r  are  fixed  real  constants  and 
1  1  nun'  max  nun  max 

0  <  r  .  <  r  .  (without  loss  of  generality  we  assume  that  r  /r  .  is 

nun  max  3  J  max  mm 

an  integer.) 

We  shall  not  assume  that  processes  are  tame  at  all  times.  Our  DCS 
implementation  will  be  proper  regardless  of  whether  processes  are  tame  as 
long  as  their  speeds  are  nonzero. 

Let  processes  i,j  have  successful  communication  at  interval  A  if 
i  j  311,3  A  contains  at  least  one  step  of  both  i  and  j .  We  say  A 

is  a  response  interval  for  processes  i,j  if  A  is  a  maximal  time  inter¬ 
val  such  that 

(1) 

(2)  i,j  are  both  tame  on  A,  and 

(3)  i,j  have  successful  communication  at  most  just  at  the  end  of 
A,  if  at  all. 

Note  that  if  there  is  successful  communication  during  an  interval  A' 
within  A,  then,  by  (3) ,  A'  is  a  suffix  of  A.  Also,  note  that  since 
is  maximal,  either  i,j  were  not  mutually  willing  to  communicate 
immediately  before  A,  or  A  begins  at  time  0,  or  the  instant  immediately 
before  A  is  the  end  of  a  previous  response  interval. 

Let  a  communication  request  be  R  =  (t,i,j)  such  that  t  is  the 
starting  instance  of  a  response  interval  for  processes  i,j. 
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Note  that  there  is  a  unique  communication  request  associated  with 
each  response  interval. 

Let  the  response  time  of  a  DCS  implementation,  for  any  oracle  «V 
and  communication  request  R,  be  the  random  variable  T ^  ^  giving  the 
length  of  the  response  interval  associated  with  R.  Let  T  =  max;  mean  {t^. 
for  each  oracle  and  communication  request  r] . 

For  each  e,  0<£<1,  let  the  z-error  response  i(e)  (note:  this 
is  a  function,  not  a  random  variable)  be  the  least  upper  bound  on  the  set 
of  the  values  of  the  inverse  functions  of  the  cumulative  distribution 
functions  of  T  /  at  1-E ,  for  all  od  and  R.  Thus,  if  we  have  a 
finite  interval  L  ,  j£j  ^T(£)  and  any  two  processes  i,j  which  are  tame 
on  £,  for  all  oracles  j4,  i  j  implies  i,j  have  successful  communica¬ 

tions  sometime  within  £  with  probability  ^l-£. 

Note  that  time  response  as  defined  above  for  pairs  of  processes  also 
holds  for  communication  between  sets  of  processes.  Suppose  we  have  finite 
sets  or  processes  II ^ ,  I^cH  such  that  jil2|  <v  and  for  the  same 

interval  £  of  length  S5!  (e)  and  for  all  i  in  il^  and  all  j  in  il^, 
i  j.  Then,  each  process  i  of  II  is  guaranteed  at  least  (l-E/^‘2' 
probability  of  successful  communication  with  all  the  processes  of  II  , 
within  £.  This  implies  a  very  robust  type  of  fairness. 

The  DCS  implementation  is  real  time  if  for  all  £,  0<£^1,  x(£) 
is  a  constant  dependent  only  on  v  (assumed  to  be  a  constant  upper  bound 
on  the  outdegree  of  vertices  of  G^) .  Note  then  that  T  is  also  bounded 
above  by  a  fixed  constant  dependent  only  on  v. 


2.D.  Preferential  DCS  Implementations 

We  also  consider  the  cases  where  any  given  process  i  €  FI  may  assign 
a  priority  to  the  processes  j€R-{i}  which  i  wishes  to  communicate 
with.  In  the  simplest  case,  which  we  only  consider  here,  i  distinguishes 
the  first  target  of  communication,  (1)  ,  which  i  prefers  to  communicate 
with.  (Process  i  may  communicate  with  the  other  processes  of  E^ ,  but  i 
prefers  to  communicate  with  E^(l).) 

For  each  t^O,  is  the  relation  on  H  *  II  such  that  Vi,  j  €  H 

i  j  iff  E^(l)  =  j  at  time  t.  Also  let  i  j  if  i  j  VtGA. 

We  say  A  is  a  preferential  response  interval  for  i,j  if  A  is  a 
maximal  interval  such  that 

(1)  1  -V  j  and  j  ^  i 

(2)  i,j  are  both  tame  on  A,  and 

(3)  i,j  have  successful  communication  at  most  just  at  the  end  of  A 
if  at  all,  i.e.  if  i  *~'*£l~*  3  then  A'  is  a  suffix  of  A. 

(Note  that  only  the  first  process  has  to  distinguish  the  other  as  the  first 
target . ) 

Let  a  preferential  oommuniaation  request  R  =  (t,i,j)  be  such  that 
t  is  the  starting  instant  of  a  preferential  response  interval  for  i,j. 
Note  that  there  is  a  unique  R  associated  with  each  response  interval. 

We  now  define  the  time  complexity  of  preferential  DCS  implfmentations  in  a 
similar  way:  Let  the  preferential  response  time  of  a  DCS  implementation 
for  any  oracle  jd  and  preferential  communication  request  R  be  the  random 
variable  T '  .  which  gives  the  length  of  the  preferential  response 

tW  t  ° 

interval  associated  with  R. 

Let  t'  = max{mean{x '  .  }  for  all  oracles  «V  and  communication 

J*  /  R 


requests  r}. 
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For  each  e,  0<e^l,  let  the  z-error  preferential  resptr.se  "'(e)  be 

the  least  upper  bound  on  the  set  of  the  values  of  the  inverse  functions  of 

the  cumulative  distribution  functions  of  X  .  .  each  evaluated  at  l-£, 

m  ,R 

for  all  ,V  and  R. 

Thus,  if  we  have  a  finite  interval  A,  ]A]  >i’(e)  and  any  two 
processes  i,j  which  are  tame  on  A,  for  every  oracle  <V,  (i  •*,'  j  and 
j  f  i)  implies  i,j  have  successful  communication  sometimes  within  A, 
with  probability  ^1-e. 

The  DCS  implementation  has  real  tine  preferential  response  if  for  all 
Z,  0<E<1,  X  ’  (e)  is  a  constant  dependent  only  on  v  (and  not  on  any  para¬ 
meter  of  H) .  Note  then  that  X'  is  also  bounded  above  by  a  constant 
dependent  only  on  v. 

It  is  useful  to  observe  that,  given  x'(£),  any  given  proces  i 6  u 
may  determine  (with  any  given  probability)  whether  any  process  j € Z  -  {i} 
is  willing  to  communicate  with  i  over  a  given  time  interval  in  which 
both  i,j  are  tame,  given  {i,j}€H.  The  same  holds  if  X  (E)  is  given 
instead  of  X '  (e) . 

PROPOSITION  2.1.  Let  be  any  oracle  and  A  be  any  tine  interval 

of  finite  length  >x(e)  (x'(e)  in  the  case  of  preferential  DCS.) 

Suppose  i,j  are  tam.e  on  A  and  {i,j)€H.  If  there  is  no  t€A  such 
that  i  4-s^-*  then  j  is  not  willing  to  communicate  with  i  sometime 
within  A,  with  probability  ^1-e. 

This  proposition  may  be  used  for  timing  out  requests  (or  preferential 
requests)  to  communicate  with  a  specific  process. 

(Note:  Suppose  we  are  given  a  process  j,  a  set  of  processes 
Hell  and  an  interval  A  >x'(e)  such  that  for  all  i€u,,  i  ■*'  j  and 

1  1  iu 
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j  t  i.  Assume  also,  all  processes  in  II^j{j}  are  tame  on  A.  Then,  for 
each  i £  II  and  for  all  oracles  .V,  i,j  have  successful  communication 
sometime  with  A,  with  probability  ^l-£.  Furthermore,  if  |JI  j  <v,  then, 
for  all  oracles  urf,  j  will  have  successful  communcation  with  all  i €  Ji^ 
within  A,  with  probability  ^(l-e)^1'. 

2.E.  Results  and  Previous  Work 

The  primary  results  of  this  paper  are : 

There  is  a  proper  real  time  implementation  of  DCS  such  that 


(1) 

the 

worst  case  mean  response  T 

is 

0(v2)  . 

(2) 

the 

E-error  response  T (C)  is 

0(v2 

log  <-)  )  . 

C 


Also,  there  is  a  real  time  preferential  implementation  of  DCS  such  that 

(1)  worst  case  mean  preferential  response  T*  is  0(v); 

(2)  the  E-error  preferential  response  T'(e)  is  0(v  log (-) )  . 

t 

Our  implementations  are  proper,  symmetric,  and  are  completely  inde¬ 
pendent  of  the  connection  graph  H  (H  may  be  any  finite  or  infinite  graph 
with  finite  valence) .  We  allow  processes  to  make  probabilistic  choices  and 
show  that  our  algorithms  have  real  time  response. 

The  best  previous  result  is  due  to  [Schwarz,  80]  and  is  restricted  to 
the  case  H  is  finite  and  its  edges  can  be  directed  to  form  a  digraph  b ' 
which  is  acyclic.  Let  XW  be  the  minimum  vertex  coloring  of  any  such  K’. 
Essentially,  the  technique  of  [Schwarz,  80]  is  to  color  H'  and  order  the 
precedence  of  message  transmissions  by  the  coloring.  Delays  in  message 
transmissions  can  be  as  long  as  xW  since  chains  of  processes  (of  length 
X(H))  can  be  formed  in  which  each  process  waits  for  the  next  to  reply.  So 
the  deterministic  DCS  implementation  of  [Schwarz,  80]  has  preferential  respot.se 
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time  I'  lower  bounded  by  v*x(H).  Note  that  his  implementation  is  not 
veal  time,  since  in  general  X  (H)  is  of  size  |Il|.  In  contrast,  in  our 
implementation,  the  time-varying  willingness  digraph  is  assumed  to  have 
bounded  outdegree,  but  we  see  no  way  of  Schwarz's  algorithm  to  take  ad¬ 
vantage  of  this.  Also,  his  DCS  implementation  is  not  symmetric,  since 
processes  are  required  to  know  their  color  in  H' . 

Also,  [Lynch,  80]  gives  a  solution  to  a  distributed  resource  alloca¬ 
tion  problem  which  in  [Reif,  Spirakis,  82B]  is  adopted  to  yield  a  DCS 
implementation  with  response  time  v*x(H).  In  [Reif,  Spirakis,  82B]  we  show 
that  a  class  of  generalized  resource  allocation  problems  related  to  those 
of  [Lynch,  80]  may  be  solved  in  real  time  by  our  DCS  implementation  (with 
vanishingly  small  probability  of  violation  of  the  real  time  property) . 

[Francez,  Rodeh,  80]  proposed  a  probabilistic  synchronization  algorithm 
which  can  be  considered  to  be  DCS  implementation.  An  important  difference 
between  our  implementation  and  theirs  is  that  in  the  responding  phase,  in 
our  algorithms,  each  process  reponds  to  all  processes  to  which  it  is 
willing  to  communicate,  while  in  [Francez,  Rodeh,  80]  only  one  process  is 
considered  at  a  time.  Although  [Francez,  Rodeh,  80]  make  no  explicit 
timing  assumptions,  they  do  assume  that  setting  and  resetting  of  shared 
variables  takes  only  a  negligible  time  compared  to  the  waiting  time  of 
processes,  which  is  a  much  stronger  assumption  than  ours.  The  careful 
consideration  of  timing  in  our  paper  is  crucial  to  our  achievement  of  real 
time  response  (see  also  the  analysis)  and  such  timing  considerations  were 


essentially  not  considered  in  any  previous  papers  on  synchronization. 


3. 


OUR  IMPLEMENTATION  OF  A  DCS 


To  implement  a  DCS,  we  must  give  an  algorithm  for  each  process  in  7.. 
We  present  here  two  such  implementations.  Both  satisfy  restrictions  R1 ,  R2 
required  by  proper  implementations,  and  both  are  symmetric:  Each  process 
has  the  same  algorithm  regardless  of  its  position  in  the  graph  H. 

Processes  have  Algorithm  1  in  our  "non-preferential"  implementation,  and 
Algorithm  2  in  our  "preferential"  implementation.  We  show  in  Section  4  that 
both  implementations  have  real  time  response. 

Each  program  variable  X  of  the  system  may  be  written  by  exactly  one 
process  i€Il  and  either  X  is  read  by  only  one  other  process  j  6  T.  -  { i  ' 
(in  this  case  X  is  a  flag  from  i  to  j)  or  X  is  local  to  i  (X  is 
read  only  by  i) . 

Our  following  description  of  the  DCS  implementations  will  be  giver, 
top-down  with  a  high  level  specification  of  the  algorithms  given  first  and 
then  a  specification  of  the  procedures  ASK,RESPOND  which  they  call.  (The 
procedures  ASK, RESPOND  utilize  numerous  flag  variables  which  are 
irrelevant  to  the  overall  understanding  of  our  algorithms.)  Also,  before 
giving  the  formal  specifications  of  any  algorithm  or  procedure,  we  provide 
am  informal  description  of  its  actions.  The  actual  formal  algorithms  have 
been  written  carefully  to  satisfy  certain  timing  restrictions  required  by 
our  analysis  to  achieve  real  time  response. 

In  both  algorithms,  each  process  repeatedly  throws  a  fair  coin  and 
then  executes  a  phase.  Each  phase  is  either  asking  or  responding  and  is 
chosen  by  the  coin  throw  with  probability  1/2.  This  is  used  to  ensure 
each  process  is  in  either  phase  half  of  the  time  or  the  average. 
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Informal  Description  of  the  Non-preferential  Algorithm  1 

In  a  responding  phase,  process  i  repeats  a  loop  m  times,  where 
r 

m=  (v+3)  *  -  +1.  On  each  iteration  of  the  loop,  process  i  chooses  at 

min 

random  a  process  j  from  the  processes  i  is  willing  to  communicate  with, 
and  executes  procedure  RESPOND^ (j).  This  procedure  takes  constant 
number  of  steps.  During  these  steps  process  i  reads  a  flag  to  determine  if 
j  has  recently  been  willing  to  talk  to  i  and  then  sets  a  flag  so  as  to 
later  verify  that  j  pays  attention  to  i.  These  verifications  are  done  by 
handshakes.  (A  handshake  is  the  use  of  boolean  flags  to  verify  exchange  of 
a  single  bit  of  information) .  If  so,  processes  i  and  j  synchronize  their 
steps  and  then  both  open  communication  to  each  other.  In  either  case,  i 
repeats  the  loop  until  the  corresponding  phase  finishes. 

In  an  asking  phase,  process  i  chooses  only  once  at  random  a  process 
j  with  which  i  is  willing  to  communicate,  and  then  i  executes  procedure 
ASK^(j).  This  procedure  takes  cA=c^'m  steps  (so  that  both  phases  take 
exactly  the  same  number  of  steps.  As  a  consequence,  process  i  is  in  each 
phase  half  of  the  time  on  the  average.  This  is  important  to  the  analysis) . 
During  procedure  ASK^j),  process  i  raises  a  flag  to  show  to  j  that  it  is 
currently  willing  to  communicate  with  j,  and  then  pays  attention  to  j  for  a 
limited  number  of  steps  to  test  if  j  responds  to  the  attempt  and  wants  to 
proceed  in  communication.  If  so,  then  processes  i  and  j  synchronize  their 
steps  and  then  both  open  communication  to  each  other.  If  not,  then  i 


finishes  its  current  phase  by  setting  its  flags  to  0. 
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Informal  Description  for  the  Preferential  Algorithm  2 

Each  process  i  executes  forever  the  following  loop: 

It  chooses  with  probability  1/2  to  execute  a  respond  phase  or  a 
modified  ask  phase.  The  respond  phase  is  identical  to  that  of  Algorithm  1. 
However,  in  the  modified  ask  phase,  process  i  chooses  the  distinguished 
first  process  E.  (1)  as  the  process  to  which  it  will  apply  the  procedure 
ASK.  . 


Formal  Definitions  of  Algorithms  1  and  2 


We  now  give  Algorithms  1  and  2  in  full  detail. 


Algorithm  1  (non-preferential  implementation) 

Program  for  process  i 6  H 

INITIALIZEi (  ) ; 

WHILE  TRUE  DO 
BEGIN 

L2 :  CHOOSE  a  random  b  €  { 0 , 1 } 

IF  b  =  0  THEN 
BEGIN 

COMMENT :  respond  phase 
L3:  FOR  x  =  1  to  m  DO 
BEGIN 

CHOOSE  at  random  j  £  E . 

RESPOND. (j);  1 

END  1 

END 

ELSE 

BEGIN 

COMMENT :  ask  phase 

L4:  CHOOSE  at  random  j€E. 

ASK  (j) 

END  1 

END 

OD 
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Algorithm  2  (the  preferential  implementation) 

Program  for  process  i  £  II 

INITIALIZER  ) 

WHILE  TRUE  DO 
BEGIN 

LI:  CHOOSE  a  random  b€  { 0 , 1 } 

IF  b  =  0  THEN 
BEGIN 

COMMENT :  respond  phase 

L3:  FOR  x  =  1  to  m  DO 

BEGIN 

CHOOSE  a  random  j  €  E . 

RESPOND. (j)  1 

END  1 

END 

ELSE 

BEGIN 

COMMENT :  ask  phase 
L4 :  ASK. (E . (1) ) 

END  1  1 

END 

OD 


3. A.  Intuitive  Description  of  the  Procedures  ASK .RESPOND 


The  procedures  ASK^ .RESPOND^  are  utilized  by  both  algorithms. 

For  each  i,j£H  such  that  {i,j}£H  there  are  three  flags  (boolean 

variables)  Q. A. B. .  which  are  written  only  by  i  and  read  onlv  bv  : . 
13  13  13  J  ' 

(1)  Flag  :  Just  before  each  phase,  Q  =0.  Then  i  asks  3  by 
setting  Q.  .  to  1  in  the  ask  phase.  0.  .  is  reset  to  0  before 

iD  13 

the  end  of  the  ask  ise. 


(2)  Flag  A. Just  before  each  phase,  A. .  =0.  If  i  is  in  the 
ID  ID 

responding  phase  and  detects  Q j ^  =  1  (indicating  j  "asks"  1) 

then  i  answers  j  by  setting  A,  ,  =1.  Before  the  end  of  the 

ID 


answer  phase,  i  resets  A,  . 

ID 


to  0. 


(3)  Flag  :  This  variable  is  set  to  1  by  i  only  during  the 

"watching  window"  which  is  the  interval  when  i  is  in  the 

asking  phase  and  is  watching  for  an  answer  (A^  =  1)  from  j. 

At  all  other  times,  B.  .  is  set  to  0  to  indicate  i  is  lli'.a 

13 

to  answers  by  j  . 

Another  flag  PCRT^_.  is  utilized  by  the  low  level  procedure  OPEN- COM. 
to  specify  the  state  of  the  communication  port  from  i  to  j.  As  defined  ir. 
Section  2,  i  j  iff  PORT^_.  =  1  at  time  t.  (OPEN-COM  is  called  by 

ASK.  and  RESPOND.  as  the  final  act  in  a  successful  communication  attempt.) 

l  l 

If  process  i  executes  ASK^  then  it  first  sets  a  flag  variable  Q 

to  1  (to  indicate  to  j  that  it  asks)  and  sets  another  flag  B  to  1  (to 

1,3 

indicate  to  j  that  it  pays  attention  to  it,  i.e.,  i  is  not  blind  to  answer 

by  j) .  It  keeps  these  flags  raised  for  at  most  a  constant  number  c  steps 

and  during  these  steps  it  continuously  examines  the  flag  A  ^  (the  answer 

flag  of  j).  If  the  interval  finishes  with  no  answer  from  target,  then  i 

first  _.  to  0  (to  show  that  it  stops  paying  attention  to  j)  and  then  it 

sets  to  0  to  drop  the  question.  This  order  of  actions  guarantees  that 

process  j  will  interpret  correctly  what  it  sees  from  the  flags  of  i. 

If  i  gets  an  answer  from  j  (that  is,  if  A  is  set  to  1)  aurino 

3  * 1 

the  (previously  discussed)  c  steps,  then  i  first  sets  Q.  .  to  C  (but 

B  t,3 

keeps  B.  .  to  its  current  value  to  indicate  that  it  continues  to  pav 

1.3 

attention  to  j).  Process  i  waits  until  j  also  zeros  its  flac  A 

1,3 

and  then  process  i  calls  OPEN-COM^(j)  immediately.  As  the  analysis  shows 


the  events  leading  to  this  call  guarantee  that  communication  is  achieved 
between  i  and  j  during  the  execution  of  OPEN-COM,  assuming  i  and  j 


are  tame  (we  do  not  use  a  handshake  protocol  within  OPEN-COM  since  certain 


technical  constraints  (see  Lemma  4.6)  of  cur  analysis  would  be  violated 

(namely,  if  i  is  tame  but  j  is  not,  i  would  unnecessarily  delay  in 

CFEN-COM  and  this  would  cause  problems  to  communication  between  i  and 

other  tame  processes) .  At  the  end  of  OPEN-COM,  i  sets  B.  to  0  (showing 

1  >  3 

that  it  stops  paying  attention  to  j)  and  exits  procedure  ASK^ . 

If  process  i  executes  rrocedure  RESPOND,  (asker),  then  it  first 

r  i 

examines  if  Q  is  1  (i.e.,  if  asker  is  interested  in  communicating 

asker ,  l 

with  i) .  If  so,  then  i  sets  A.  ,  to  1  and  waits  until  process  asker 

i, asker 

zeros  its  question  flag(this  is  the  "handshake"  technique).  When  this 
happens,  then  i  tests  E  to  see  if  process  asker  still  pays  attention 

&SK6 r , 1 

to  i.  If  not,  then  i  zeros  its  answer  flag  A.  and  exits.  Else, 

1  f  3.SK63T 

i  knows  that  asker  waits  for  step  synchronization  and  communi cation .  So, 

i  zeros  its  flag  A.  .  and  calls  OPEN-COM.  (asker).  The  analysis 

i, asker  i 

shows  that  the  events  leading  to  this  call  guarantee  that  communication  will 
be  achieved. 

We  now  introduce  some  terminology  and  then  develop  the  algorithms  in 
full  detail. 


A  process  i  is  in  the  asking  mode  when  it  executes  procedure  ASKf 
and  it  is  in  the  responding  mode  when  it  executes  the  procedure  RESPOND.  If 
i  is  executing  ASK ( j )  and  B  *  1  then  i  is  in  a  watching  window  for 
process  j  else  i  is  blind  with  respect  to  j.  We  say  i  is  answered  by 
j  if  i  is  in  its  watching  window  for  j  and  i  exits  lopp  A3  of  procedure 
ASK^  with  a  =  l.  A  phase  of  the  algorithms  consists  of  the  steps  between 
random  choices  of  the  variable  b€{o,l}.  If  b  =  0  the  process  is  in  a 
responding  phase  and  else  it  is  in  an  asking  phase. 


We  have  not  elaborately  commented  on  our  procedures  because  of  the 


extensive  informal  description  preceding  them. 


The  variables  of  process  i  are  initialized  as  follows: 


INITIALIZE . (  ) ; 

BEGIN  1 

for  all  j€H  such  that  {i,j}£H  do 
BEGIN 


A  .  •*-  0 

B  0 
11 

PORT .  •+  0 

END  13 

END 


In  the  following  two  procedures,  we  assume  a  register  CURSTEF  which 

gives  the  current  number  of  the  steps  executed  by  process  i  since  it  was 

last  zeroed.  (CURSTEP  is  assumed  here  only  as  a  convenience,  it  is  clear 

that  we  could  substitute  instead  a  new  variable  that  is  incremented  on 

every  step  of  the  original  Algorithm.) 

We  have  made  extensive  use  of  time  outs  to  guarantee  that  the  number 

of  steps  of  the  execution  of  procedures  RESPOND,  ASK  are  each  always 

exactly  the  same.  (This  is  crucial  to  our  proof  of  real  time  response.) 

We  define  the  parameters  appearing  in  the  procedures: 
r  r 

Let  c„  =  7  +  (12  +  4  -  )  -^a-X  ;  this  will  be  precisely  the  number  of 

R  r  r 

min  min 

steps  always  required  by  procedure  RESPOND  (see  justification  in  Lemma  4.3). 
r 

Let  m=  (v+3)  -  +  1.  Let  c  =  c  -m;  this  will  be  the  number  of  steps 

r  A  R 

min 

required  by  procedure  ASK.  Let  c  =  c  -c  ;  this  is  the  number  of  steps 

B  A  K 

rmax 

required  for  a  watching  window.  Let  cp  =  2  +  3  -  ;  this  is  the  number  of 

rmin 

steps  required  in  procedure  OPEN-COM.  Let  c^  =  c^  -  cp  -  2  and  ce  =  ck“7* 
These  parameters  are  used  to  time-out  the  execution  of  various  loops  in  our 
algorithms . 
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PROCEDURE  ASK. (target) 
local  a 


BEGIN 
Al: 
A2  : 


A3: 


A4 : 
A5: 


END 


CURSTEP ■ 

0  . 

*1 .target 


0 


0 

+  1 

«-  1 


i ,target 

COMMENT:  Begin  watching  window  for  target 


WHILE  CURSTEP  <  c 


IF 


CURSTEP  cB 


AND  a  =  0  DO  a  *■  A 
B  -  —  target,i 

AND  a  =  0  THEN  B .  0 

-  — -  l, target 


Q 

i .target 
IF  a  =  1 

BEGIN 


0 

THEN 


WHILE  (A  ^  .=1  AND  CURSTEP  <  cn)  DO  a^A^. 

-  target, i  -  D  —  targe t,i 


a  =  0  AND  CURSTEP  <  c  THEN  OPEN-COM .  (target) 
-  —  D  -  l 


IF 
END 

COMMENT: 

B. 

i .target 

WHILE  CURSTEP  <  c,  DO  a  nonoperative  step. 


End  watching  window  for  target 
<-  0 


PROCEDURE  RESPOND. (asker) 
local  q 


BEGIN  CURSTEP 

q  Q 


Bl: 


asker ,i 
IF  q  =  1  THEN 
BEGIN 

A.  .  *■  1 

i , asker 

B2 :  WHILE (CURSTEP  <  c. 


AND  q  =  1)  DO  q  *■  Q 


asker, i 


q-Mq  OR  B.  ,  =  1  OR  CURSTEP  >  C_) 

—  l, asker  —  E 

B3 :  A.  .  *■  0 

i, asker 

IF  nq  THEN  B4 :  OPEN-COM^.  (asker) 

B5 :  WHILE  CURSTEP  <  c  DO  a  nonoperative  step 


END 


-22- 


PROCEDURE  OPEN- COM ^ ( j ) 
BEGIN 


PORT  .  1 

i: 

DO  cp  -  2  nonoperative  steps 
PORT  •*-  0 

i: 

END 


4 . A .  Correctness  Properties  of  the  Algorithms  which  Hold  with  Certainty 

Our  algorithms  are  probabilistic  and  therefore  some  of  their 
properties  (such  as  response  time)  only  hold  with  a  certain  free  ability  , 
and  not  with  certainty.  A  probabilistic  analysis  of  these  properties  is 
given  in  the  next  sections.  However,  in  this  section  we  prove  properties 
of  the  algorithms  which  hold  with  certainty,  regardless  of  probabilistic 
choice.  We  show  restrictions  Rl,  R2  are  satisfied  by  our  implementations, 
and  thus  they  are  proper.  (Of  course,  we  assume  either  all  the  processes 
in  II  execute  Algorithm  1,  or  they  all  execute  Algorithm  2.) 

LEMMA  4.1.  For  both  algorithms , 

i  3  only  if  i?)  • 

Proof .  Process  i  calls  OPEN-COM^(j)  and  opens  its  channel  to 

j  only  if  either  (a)i  was  executing  an  asking  phase  and  exited  the  loop 

A3  with  a=l  or  (b)i  was  executing  a  respond  phase  and  exited  the  busy 

wait  B2  with  B.  .  =1.  In  both  cases,  i  was  willing  to  communicate  with 
3  i1 

j  in  the  start  of  the  execution  of  its  phase,  since  i  asks  (or  responds) 
only  to  processes  it  is  willing  to  communicate  with.  So,  i  -^7*  j  where 


t'  was  the  time  of  start  of  i's  phase.  By  assumption  (A2)  then, 


to 


In  case  (a),  a  =  l  means  that  j  responded  by  setting  A.  .  to  1 

3  < 1 

i's  question.  So,  j  i  for  some  t"  <  t  and  by  assumption  (A2) , 


In  case  (b) ,  j  was  the  process  setting  Q.  .  to  1  at  the  beginning 

3  > 1 


of  i's  phase.  Hence  j  i  and,  by  (A2)  ,  j-^-i. 
In  both  cases,  i  — • j  implies  i  j . 


lemma  4.2.  For  both  algorithms , 

is  a  partial  matching. 


Proof .  Since  each  process  opens  communication  to  at  most  one  process 
each  time,  (this  is  so  since  the  programs  in  both  algorithms  are  sequential 
and  each  neighbor  is  asked  or  responded  to  separately) ,  the  relation  — 
is  one  to  one.  Hence  cannot  be  more  than  a  matching.  a 

COROLLARY  4.1.  Both  algorithms  give  a  proper  implementation  of  DCS. 


4.B.  Timing  Lemmas  Which  Hold  With  Certainty 

Timing  is  an  important  aspect  of  our  algorithms.  The  following 
lemmas  are  essential,  but  somewhat  tedious  to  prove. 

lemma  4.3.  Assume  i,j  are  tame.  For  both  algorithms ,  if  i  is 

answered  by  j,  then  i,j  have  successful  communication,  within 

r 

(12  +  4  — — )  steps  of  the  slower  of  i,j  from  the  time  i  exits  loop  A3. 
min 


d 
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Proof.  If  i  exits  the  A3  loop  with  a  =  l,  then  (since  no  process 

but  j  can  assign  to  A_.  J  at  the  same  time  j  must  be  executing 

RESPOND. (i)  at  the  B2  loop.  Process  i  will  arrive  at  A4  within  4  of  its 
3 

steps  and  will  have  by  then  set  Q^_.  to  0.  These  4  steps  of  i  correspond 

to  at  most  4  r  /r  .  steps  of  j,  during  which  j  will  have  exited  the 
max  min 

B2  loop.  Also  at  this  time,  the  assumption  that  i  exits  the  loop  A3 

with  a=l  implies  that  B.  .  =1.  So,  j  will  arrive  at  B3  and  set  A. 

ID  D»i 

to  0  in  at  most  4  of  its  steps  from  the  time  it  exited  the  B2  loop. 

Within  r  /r  .  steps  of  i,  process  i  exits  the  A4  loop.  Then, 
max  min 

within  two  of  i's  steps  i  will  call  OPEN-COM^(j)  and  within  one  of 

j's  steps  j  will  call  OPEN-COM_.  (i) .  Note  that  both  i,j  will  set 

their  respective  port  flags  PORT^ ,  PORT__  to  1  within  one  step  of  the 

slower  process  (or,  within  at  most  r  /r  .  steps  of  the  faster) .  Thev 

max  min  r 

keep  their  ports  open  for  c„  -  2  =  3  r  /r  .  steps  each.  This  implies 

P  max  min  r 

that  both  processes  will  overlap  for  at  least  2 (r  /r  .  )*r  .  =2  r 

*  max  min  min  max 

time,  guaranteeing  at  least  1  step  overlap  of  both  processes.  Thus,  i,j 

have  successful  communication.  Note  that  OPEN-COM  takes  cp  steps. 

Counting  steps  of  i  plus  those  of  j  in  nonoverlapping  time  intervals, 

we  have  a  total  of  4  +  4  +  r  /r  .  +  2  +  c„  =  12  +  4  r  /r  ,  which  is 

max  min  P  max  nun 


certainly  an  upper  bound  to  the  steps  of  the  slowest  of  the  two  processes.! 


lemma  4.4.  For  both  algorithms ,  if  i,j  are  tame  on  A’  and 
i  for  a  maximal  interval  A’ ,  then  A’  contains  at  least  a  etc ? 

of  both  i  and  j  and  |A’|  =o(l).  (This  ensures  that  A’  is  just 
long  enough  for  i,j  to  communicate. ) 
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Proof.  The  only  sequence  of  events  leading  to  this  is  the  sequence 
in  which  one  of  i,j  is  in  its  watching  window  for  the  other  and  is 


answered  by  the  other.  By  Lemma  4.3,  then.  A'  contains  a  step  of  bott 

i,j.  Since  A'  is  not  greater  than  cp  steps  of  either  process,  then 

I  A'  |  <  c  r  =  2r  +  3  r2  /r  .  . 

'  1  —  P  max  max  max  min 


LEMMA  4.5.  For  both  algorithms ,  if  i,j  are  tame  on  A  and 
i  j  for  a  maximal  interval  A,  then  i  3  for  some  A'cA. 

Furthermore  i,j  have  successful  cemrunication  during  A'.  (I.e.,  a  tame 
process  never  opens  its  channel  to  another  tame  process  without  communicating 
with  it.) 


Proof.  The  only  sequence  of  events  leading  to  i  j  is  the 

sequence  in  which  one  of  i,j  was  in  its  watching  window  for  the  other 
and  is  answered  by  the  other.  By  Lemma  4.3,  3A'cA  such  that  i,j  have 
successful  communication  during  A'.  □ 


In  the  following  lemma,  we  need  not  necessarily  assume  that  i  is 

tame. 

LEMMA  4.6.  If  i  £  IT  executes  procedure  ASK,  then  precisely  c 
steps  of  i  are  required  for  the  execution  of  this  procedure .  Execution 
of  respond  by  i  requires  precisely  c  steps  of  i.  Also t  each  phase 
of  either  Algorithm  1  or  Algorithm  2  requires  exactly  cft  +  2  steps. 

Proof .  By  observation  of  timeouts  within  the  procedures  ASK  and 

RESPOND  and  by  the  definition  of  c  =m*c  .  o 

A  K 

Let  c  =  m/v*c  .  Then  c-v  is  the  number  of  steps  required  for  each 

phase. 

COROLLARY  4.2.  The  time  required  for  each  phase  is  upper  bounded  by 
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5.  PROBABILISTIC  ANALYSIS  OF  THE  RESPONSE  TIME  OF  THE  ALGORITHMS 

Intuitively,  in  both  algorithms,  the  ASK  or  Respond  phases  take 
O(v)  time  each.  In  the  worst  case  of  the  non-preferential  algorithm,  it 
requires  O(v)  expected  executions  of  the  ASK  phase  to  choose  any  given 
willing  neighbor,  if  the  set  of  willing  neighbors  is  0(v).  Given  that 
a  given  neighbor  is  chosen  and  he  is  willing,  communication  will  be 
achieved  with  probability  bounded  below  a  constant.  Hence,  we  expect 
the  average  time  of  response  of  teh  non-preferential  algorithm  to  be 
0(v2) . 

On  the  other  hand,  in  the  asking  phase  of  the  preferential  algorithm 
we  ask  a  specific  neighbor  and  we  have  a  constant  probability  to 
communicate  with  him,  if  he  is  willing.  Thus,  the  expected  total  number 
of  phases  will  be  0(1)  and  so  the  expected  response  time  of  the 
preferential  algorithm  will  be  0(v)  in  the  worst  case. 

A  formal  analysis  follows: 

By  Corollary  4.2,  cv  is  the  total  number  of  steps  of  the  asking  or 

responding  phase  and  fix  throughout  this  section  I  to  be  an  interval , 

starting  at  time  tQ,  of  length  at  least  4  phases  (i.e.,  1 1 1  _>  4cvr^ax) . 

Let  T  be  the  global  system  history  up  to  t  and  let  iV  be  a 
fc0  0 
fixed  oracle.  Note  that  (iV,^)  essentially  specifies  everything  of  the 

system's  immediate  future  except  "luck"  L^ ,  for  t'  >tQ.  Consider  two 

processes  i,j  such  that  {i,j}£H  and  i  j  and  i,j  tame  on  I. 

Let  t .  = min{t > tQ | j  does  a  phase  selection  at  t}  and 

t.  =min{t>t.  |i  does  a  phase  selection  at  t}. 
i  O' 

Let  t  =  max(t.(t.)  and  let  t.,,t._  (and  t.,,t._)  be  the  next  two 
m  i  g  ll  i2  jl  j2 


phase  selections  of  i  (and  j  respectively)  after  t  such  that 

m 

m  ll  i2 


t  <  t.  <  t._  . 

m  31  32 


tM  =  max(t.2,t.2)  . 

The  interval  (t.t  1  is  called  a  session  S  of  processes  i,j. 

0  M 

(See  Figure  2)  .  Note  that  a  session  has  <^3  phases  of  one  of  the 

processes  i,j  and  hence  its  length  is  <3cvr 

—  max 

Let  0. . (tV,r  )  be  the  probability  that  i,j  will  establish 

13  t0 

communication  during  session  S=  (t_,t  1  given  {jt/.T  ). 

0  M  tQ 

Let  &  be  the  class  of  oracles  for  which  the  outdegree  dt  is 
set  equal  to  v  for  all  nodes  i  in  and  for  all  instances  t. 

PROPOSITION  5.1.  The  response  time  of  Algorithm  1  increases  uith 


increased  reauests  to  communication . 


Proof.  The  probability  that  a  specific  process  is  chosen  in  the  ASK 
or  RESPOND  phases  decreases  monotonically  with  the  number  of  processes  to 
which  the  process  executing  ASK  or  RESPOND  is  willing  to  communicate.  c 


By  Proposition  5.1,  the  class  of  oracles  ^  gives  an  upper  bound  in 
the  response  time  of  the  system,  since  adding  requests  to  communicate 
cannot  decrease  the  response  time. 


COROLLARY  5.1.  For  oracles  0.  .(«V,r  )  <  1/v  for  the 

13  fco  ~ 


nonpreferential  Algorithm  1. 
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Consider  the  event  E  =  {process  i  is  in  the  responding  phase  in 

the  interval  A^  -  [t^.t^)  process  j  is  in  the  same  asking  phase 

and  waiting  in  a  watching  window  for  i,  for  at  least  (v/2)-c  steps  of 

process  i  during  A.}.  Let  x.  .  (js/’.T  ,E)  be  the  probability  that  i,j 

1  13 

will  establish  communication  during  session  S=  given  (W,T^  ) 

and  event  E. 

PROPOSITION  5.2. 

x.  .  (,V,r  ,E)  -Prob (E  given  (u/,T  ))  <_  a.  .  )  . 

13  to  13  to 


(Proof  easy) . 

Note  that  for  both  algorithms  the  following  holds: 

PROPOSITION  5.3. 

x..  («v,r t  ,e)  >  1  -  (1  -  ^)V/2  >  1  -  e"1/2  , 

since  given  E,  it  is  enough  for  i  to  select  j  as  the  process  to  answer 
for  at  least  one  of  the  at  least  ^  consecutive  answering  intervals  which 
overlap  with  the  watching  window  of  j. 

theorem  5.1.  For  Algorithm  1,  we  have 

Prob(E  given  <«V,r  ) )  . 

0 


Proof.  The  lenqth  of  a  watching  window  of  j  is  c_  =  c_‘(m-l) 

B  R 

steps  of  j,  which  is  at  least  c  • (m-1) -r  .  time,  which  is  at  least 

R  min 


c  *(m-l)r  .  •  -  >  c  (v+3) 

R  nun  r  —  R 

max 


steps  of  i . 
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Let  A.  =  [t.,,t._).  The  interval  A.  either  contains  at  least 
i  ll  i2  x 

half  of  a  phase  A.  of  j ,  or  half  of  it  is  contained  in  a  phase  A. 

3  3 

of  j.  (See  Figure  3).  In  either  case,  given  that  j  is  asking  i 

during  A_^  and  that  i  is  responding  during  A^,  there  is  an  overlap 

of  the  watching  window  of  the  phase  A_.  of  j  and  of  phase  A^  of  i 

v 

which  contains  at  least  c  •  —  steps  of  i.  Since  both  phases  A.  and 

R  2  j 

A^  were  selected  in  the  session  S  after  t^ ,  during  probability  of  j 
asking  i  during  A.  is  >l/2v  and  the  probability  of  i  answering 
during  A^  is  1/2.  Our  theorem  follows  by  multiplying  these  probabilities .Q 

THEOREM  5.2.  For  Algorithm  2t  we  have 

Prob  (E  given  ) )  _>  j  . 

0 

Proof .  Same  as  in  5.1.  The  only  difference  is  that  now  j  insists 
on  asking  i  and  hence  prob(j  asking  i  given  j  in  asking  phase  and 
preferring  i)  =  1.  O 

Let 

0  .  =  —  (1-e  ^2) ,  o  =  —  for  Algorithm  1 

nun  4v  max  v 

and 

1  -1/2 

0  .  =  —  (1-e  ) ,  0  =1  for  Algorithm  2  . 

mm  4  max 


THEOREM  5.3. 


0  <  0  .  <  0.  . 
min—  13 


(vV.r 

0 


)  <  0 


<  1 
max  — 


Proof.  By  Theorems  5.1,  5.2,  Propositions  5.2  and  5.3  and 
Corollary  5.1. 


□ 


j 
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Note  that  our  lower  bounds  on  x.  . (iV, F  ,E)  and  prob  (E  given 

fc0 

(iV,F  ))  do  not  depend  on  «j</  or  T  •  This  is  so  because  all  inequalities 
t0 

hold  for  any  possible  speed  ratio  of  processes  i,j  and  because  the  results 
of  choices  of  phases  for  times  t_>t  in  session  S  do  not  depend  on  «V 


Let  P.  .  (k|(«W,F  ))  be  the  probability  it  takes  exactly  k 

t0 

sessions  for  processes  i,j  to  succeed  in  establishing  communication, 
given  that  i^i  (or  i  j  and  j  •*  i)  for  a  time  interval  L 

A  Li  A 

starting  at  t  ,  such  that  &  c  I. 

Let  S  =  t  .  S  , ,S,  ,  be  the  starting  times  of  these  sessions. 

001  k-1 

Then,  by  Baye's  formula. 


P..(k|(a/,r  ))  =  (l-o.  .  (.V.IL  ))  •  (l-o.  .  (a/,rc  )) 

13  c0  iJ  *o  3  1 


...  (l-o.. ))-o..(t»/,r  ) 

sk-l 


13  '  Sk-2  ^ 


Since  for  all  «V,  all  F 


0  .  <  o.  .  <^,I\  )  <  o 

nun  —  ij  t  —  max 


we  have 


and 


P.  .  (k  (a/X  ))  <  0  (l-o  .  ) 

ig  '  t  —  max  mm 


P.  .  (k|  (o/,r  ))  >  o  .  (l-o  „) 


k-1 


k-1 


13 


t^  —  min  max 


By  using  the  above  inequalities  and  calculating  the  -ean,  we  get 

LEMMA  5.1. 

O  .  0 

nun  ,  „  „  ,  max 

<  mean(k)  <  - r 


(0  ) 
max 


2  - 


(0  .  )' 
nun 


* 


and, 


where 


and  5 


and  i, 


and  5 


or 


and 
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by  known  expressions  about  tails  of  geometries,  we  get 


LEMMA  5.2.  V£ ,  0  <  £  < 1, 


Prob{k  >  k  (£)  }  <  £ 
max 


k  (e) 
max 


log ( (a  .  *e)/c  ) 

mm  max 

log (1-0  .  ) 

mm 


Recall  3cvr  is  an  upper  bound  on  a  session  length.  Lemmas  5.1 
max 

.2  imply 

theorem  5.4.  If  x  is  the  response  of  the  system ,  then 

a 


mean (I)  <  3cvr 


max 


max  ,  ,  2 

(0  .  ) 
mm 


f  x(e)  is  the  c-errer  response ,  then 


x(e)  <  3cvr  *k  (e)  . 
—  max  max 


By  using  c 
.  2 ,  we  get 


■(“fir* 


mm 


c„  and  the  0  ,  0  .  of  Theorems  5.1 

R  max  mm 


COROLLARY  5.1.  For  Algorithm  1 


raean(T)  <  48(l-e  ^2 )  2*  (r2  /r  .  )  c_ 
—  max  mm  R 


M) 


mean(T)  = 


0  (v2) 


log 


k  (E) 
max 


(f 


iogli  -  £  (l-e"1/2) 


') 


=  o(v  log  (£)) 


implying 


6.  CONCLUSION 

We  have  provided  two  real  time  implementations  for  the  DCS  system. 

A  key  assumption  on  our  time  analysis  is  that  processes  have  to  be  tame 
during  attempts  to  communicate,  but  at  other  times  processes  need  not  be 
tame.  This  improves  a  previous  version  of  this  paper  [Reif,  Spirakis , 
1981A] ,  where  we  required  processes  to  be  tame  at  all  times. 

A  referee  has  suggested  a  modification  of  our  algorithms  which  may¬ 
be  of  practical  use  in  speeding  up  the  expected  time  response  in  some 
practical  cases.  The  modification  presumes  that  the  connections  graph 
has  fixed  valence  (otherwise,  an  infinite  number  of  variables  per  process 
is  required) .  The  idea  is  to  allow  each  process  to  have  additional  flag 


variables  which  indicate  to  other  processes  its  willingness  to  communicate 
with  them.  (We  had  presumed  that  the  set  E^  can  only  be  read  by  process 
i) ,  so  the  idea  requires  additional  flag  variables.  Those  modified 
algorithms  will  have  worst  case  performance  identical  to  those  given  in 
our  paper. 

In  a  further  paper,  [Reif,  Spirakis ,  1982],  we  have  relaxed  our 
assumption  of  tameness.  In  that  paper  we  require  only  bounds  on  the 
relative  acceleration  of  ratios  of  speeds  of  neighbor  processes.  We 
propose  there  synchronization  algorithms  which  have  relative  real  time 
response,  where  communication  is  established  with  high  probability 
between  any  pair  of  processes  within  constant  number  of  steps  of  the 
slovest  process.  However,  these  algorithms  are  less  efficient  than  those 
given  in  this  paper.  Also,  in  the  Appendix  of  [Reif,  Spirakis,  1982], 
we  are  applying  our  synchronization  techniques  to  ADA  for  a  relative  real 
time  implementation. 
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APPENDIX 

A  REAL-TIME  IMPLEMENTATION  OF  CSV 

(Hoar*,  1976]  introduced  •  concurrent  programing  language  CSP 
(for  Conmunicating  Sequential  Processes).  Hie  CSP  language  is  notable 
for  the  -iegance  of  its  synchronisation  constructs:  They  are  powerful 
and  yet  staple.  [Bernstein.  1980]  describes  an  extension  of  CSP  which 
allows  both  input  command  end  output  coomands  as  guards.  Here  we  briefly 
describe  CSP  with  Bernstein's  extension  and  present  e  real -tine  isplemen- 
tation  of  the  synchronization  constructs. 

CSP  Synchronisation  Constructs 

The  relevant  aspects  of  CSP  concern  its  process  structure  and  com¬ 
munication  mechanisms.  Concurrent  execution  of  processes  Pj,  P2,  ....  Pn 
is  denoted 

[Pj}  P2I|  ...||  Pn]  . 

Each  process  has  its  own  set  of  variables  which  are  inaccessible  to  all 
other  processes.  The  eosmunication  primitives  ere  the  output  ocnrand 
Pjlu  that  requests  that  P^  receive  the  value  of  u  and  input  ecmand 
P^Tx  which  requests  that  P^  send  a  value  which  is  then  assigned  to  x. 
There  are  two  relevant  compound  statements.  The  altomativ*  ttatment 

to,  -  C,  o  G,  .  e,  D  ...  o  G*  -  e^J 
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M 


contains  guards  Gi"*"Gjt  and  conand  lists  Each  guard  consists 

of  a  list  of  elements  which  nay  be  a  sequence  of  booleans ,  followed  by  at  most 
ece  input  ooamand  or  (in  Bernstein's  extension  of  CSP)  an  output  command. 

The  execution  nondeterminately  chooses  a  guard  G^  which  is  satisfied 
(to  test  that,  it  executes  each  element  of  from  left  to  right)  and  then 

executes  the  corresponding  coumand  list  C.  If  no  guard  is  satisfied,  the 
alternative  statement  fails.  The  repetitive  statement 

.IVc1o..."VV 

results  in  the  repeated  execution  of  the  alternative  statement 
^14C1D‘"0<\  +  V'  until  no  guards  are  satisfied. 

Note  that  the  crucial  problem  in  implementing  CSP  is  to  synchronize 
executions  of  input  oomnands  P^?x  by  process  P^  with  output  commands  P^lu 
by  process  so  that  the  value  u  is  transmitted  to  x. 

Zt  is  very  easy  to  implement  CSP  by  DCS.  (In  fact,  this  was  the 
original  motivation  for  our  work  on  DCS) .  Let  C  be  a  system-wide  constant , 
which  stay  be  fixed  to  any  arbitrarily  small  constant  on  the  interval  (0,1) . 

Ms  assume  a  real  time  DCS  implementation  with  e-srror  response  time  T(c). 

Let  v  be  the  maxima  number  of  guards  sppearing  in  any  alternative  or 
repetitive  statement}  we  assume  that  v  is  constant  relative  to  the  total 
Biafcer  n  of  proessses.  We  also  assvae  that  the  length  of  the  guard  lists 
is  bounded  by  a  small  fixed  constant.  We  also  assume  all  processes  reliebly 
sms  cute  their  programs  and  satisfy  assvaptions  Al  and  K2 . 

Our  CSP  Implementation  is  real-time  in  the  sense  that  thare  exists  a 
"positive  integer  1  (which  is  independent  of  the  number  of  processes  n) 
such  that  if  in  soma  alternative  or  repetitive  statement  I  some  guard  G 
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is  continuously  satisfisd  for  a  time  interval  A  of  length  >£  and  if  the 
processes  of  G  and  the  process  executing  the  stateaent  are  taaee  on  L, 
then  the  cosnand  list  associated  with  some  satisfied  guard  is  inediately 
executed  with  probability  >  1-E  and  otherwise,  a  failure  exit  is  always 
aade  lxnediately  after  a  tiae  interval  of  length  £.  Therefore,  we  allow 
a  failure  exit  with  probability  <C,  even  though  sane  guard  Bay  be  satisfied. 

To  atteapt  to  execute  an  output  command  p^lu  in  process  Pj, 

sets  Pr-»P.,  indicating  P.  is  willing  to  communicate  with  p..  Also,  to 
•  3  *  j 

attempt  to  execute  an  input  cneiamfl  P^?x  in  process  P ^ ,  P^  sets  P^-pP^. 
If  successful  communication  is  established  by  PA  and  p^,  the  process  P^ 
iaaediately  transmits  value  u  to  variable  x  in  P^j  and  iaaediately 
thereafter  P^  sets  P^-/*  P  j  and  P^  sets  P^-^eP^. 

An  alternative  or  repetitive  stateaent  5  may  contain  the  execution 
of  one  of  several  guarded  input  coaoands  and  output  canmands,  say 
G^c.'Gg  where  s<v.  To  execute  the  stateaent  S,  P^  first  executes  the 
boo leans  appearing  in  each  guard.  Let  R  be  the  set  of  processes  appearing 
in  those  guards  of  S  all  of  whose  booleans  evaluate  to  true .  p^  must  set 
Pj-*P^  for  each  P^C*  for  a  tiae  interval  of  length  £  ■  T (c) .  At  the 
first  tiae  that  an  appropriate  ocnaunication  is  established  between  P^  and 
soae  willing  proaess  P^  €  R,  P^  aust  iaaediately  set  P^T4*  Pj ,  for  all 
Fj,€r  and  then  P^  must  execute  the  eomand  list  associated  with  the  now 
satisfied  guard  in  the  stateaent  S.  Otherwise,  if  no  appropriate  ccsauni ca¬ 
tion  is  established  within  tiae  T  (c) ,  P^  aust  then  exit  the  stateaent  s 
with  failure.  Vote  that  the  probability  of  an  incorrect  failure  exit  is  <c. 


Figure  2.  A  session  S  of  i,j  and  one  of  the  possible  orderings 
of  events. 

*:  indicates  the  start  of  a  phase 
A .  is  a  phase  of  j 
A^  is  a  phase  of  i 


A. 
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Figure  3A.  A  case  of  phase  overlap  where  phase  A^  of  i 

contains  at  least  half  of  the  phase  A  of 
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